基于拦截器对限流的实现通常用于保护系统免受过多请求的冲击,防止服务过载。通过限流可以限制客户端在一定时间内的请求次数。这是一个基于拦截器的令牌桶限流实现示例。
1.定义限流实现类
@Service
public class TokenBucketRateLimiterService {
@Resource
private StringRedisTemplate stringRedisTemplate;
// 每秒生成的令牌数
private static final int TOKENS_PER_SECOND = 10;
// 桶的最大容量
private static final int MAX_TOKENS = 50;
// 令牌桶的前缀
private static final String BUCKET_KEY_PREFIX = "token_bucket:";
/**
* 尝试获取令牌
* @param key
* @return 是否成功获取令牌
*/
public boolean tryAcquireToken(String key) {
long currentTimeMillis = System.currentTimeMillis();
String bucketKey = BUCKET_KEY_PREFIX + key;
// 获取上次更新的时间
String lastRefillTimeKey = bucketKey + "last_refill_time";
String lastRefillTimeStr = stringRedisTemplate.opsForValue().get(lastRefillTimeKey);
long lastRefillTime = lastRefillTimeStr != null ? Long.parseLong(lastRefillTimeStr) : currentTimeMillis;
// 计算需要增加的令牌数量
long timeDelta = currentTimeMillis - lastRefillTime;
long tokensToAdd = (timeDelta / 1000) * TOKENS_PER_SECOND;
// 更新令牌桶
String tokenCountStr = stringRedisTemplate.opsForValue().get(bucketKey);
int currentTokenCount = tokenCountStr != null ? Integer.parseInt(tokenCountStr) : MAX_TOKENS;
int newTokenCount = Math.min(currentTokenCount + (int) tokensToAdd, MAX_TOKENS);
if (newTokenCount > 0) {
stringRedisTemplate.opsForValue().set(bucketKey, String.valueOf(newTokenCount - 1), 1, TimeUnit.DAYS);
stringRedisTemplate.opsForValue().set(lastRefillTimeKey, String.valueOf(currentTimeMillis), 1, TimeUnit.DAYS);
return true;
} else {
stringRedisTemplate.opsForValue().set(bucketKey, String.valueOf(newTokenCount), 1, TimeUnit.DAYS);
stringRedisTemplate.opsForValue().set(lastRefillTimeKey, String.valueOf(currentTimeMillis), 1, TimeUnit.DAYS);
return false;
}
}
}
2.实现拦截器
对于限流限制方案,采用用户id和ip地址,作为redis缓存的key值,使用satoken来处理的token,直接获取id,这里的id我直接使用的用户id。
@Component
@Slf4j
public class RateLimitInterceptor implements HandlerInterceptor {
@Resource
private TokenBucketRateLimiterService rateLimiterService;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 获取当前会话的 token 值
String tokenValue = StpUtil.getTokenValue();
log.info("当前会话的token值----"+tokenValue);
// 获取指定 token 对应的账号id,如果未登录,则返回 null
String userId = (String) StpUtil.getLoginIdByToken(tokenValue);
//获取用户的ip地址
String ip = request.getRemoteAddr();
boolean allowed;
if (userId != null) {
allowed = rateLimiterService.tryAcquireToken(userId);
} else {
allowed = rateLimiterService.tryAcquireToken(ip);
}
if (!allowed) {
response.setStatus(HttpStatus.FORBIDDEN.getCode());
return false;
}
return true;
}
}